<?php
	// Resume the visitor's session so the login marker can be inspected.
	session_start();

	// Access gate: a request without a 'user' entry in the session is sent to
	// the index page and the script stops, so nothing below runs for it.
	// NOTE(review): the rest of this page reads $_SESSION['userid'], while this
	// gate only checks $_SESSION['user']; confirm both are always set together at login.
	if (isset($_SESSION['user']) === false) {
		header('Location:index.php');
		exit();
	}

	// Database bootstrap. Later code uses $connect, presumably defined by this include (verify).
	include 'std_dbs.php';

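        // ---- Favorites form handling: "Add Favorite" and "Remove Favorite" ----
        //
        // Outcome: sets $message (an HTML fragment) describing the result; it stays
        // an empty string when no form was submitted.
        //
        // Security notes:
        //  * Every value that reaches Oracle is passed as a bind variable. The earlier
        //    addslashes() + string concatenation did not protect the statements: Oracle
        //    escapes a quote by doubling it, not with a backslash, and the values taken
        //    from the session were not escaped at all.
        //  * User-supplied titles are HTML-escaped before they are placed in $message,
        //    because $message is echoed without escaping further down the page (it
        //    carries intentional <br /> markup).
        //  * Oracle error details go to the server log, never to the browser.
        //  * NOTE(review): neither form carries an anti-CSRF token, so a third-party page
        //    could submit them on behalf of a signed-in user; add a per-session token check.
        //  * NOTE(review): the rating is stored as typed; the form asks for 1-5 but
        //    nothing here enforces that range.
        $message = '';

        if(isset($_POST['submit']) || isset($_SESSION['title']))
        {
            if(isset($_POST['submit']))
            {
                // Raw form values; only strings are accepted (array-valued fields become '').
                $addFavorite = (isset($_POST['addFavorite']) && is_string($_POST['addFavorite'])) ? $_POST['addFavorite'] : '';
                $rating = (isset($_POST['rating']) && is_string($_POST['rating'])) ? $_POST['rating'] : '';
                $comment = (isset($_POST['comment']) && is_string($_POST['comment'])) ? $_POST['comment'] : '';
                unset($_POST['submit']);
            }
            else
            {
                // Values staged in the session (set outside this file); consume them once.
                $addFavorite = (string) $_SESSION['title'];
                $rating = isset($_SESSION['rating']) ? $_SESSION['rating'] : '';
                $comment = isset($_SESSION['comment']) ? $_SESSION['comment'] : '';
                unset($_SESSION['title'], $_SESSION['rating'], $_SESSION['comment']);
            }

            if($addFavorite === '')
            {
                $message = "You must enter a valid movie title!<br />";
            }
            else
            {
                $userId = isset($_SESSION['userid']) ? $_SESSION['userid'] : null;

                // Look up the movie id for the title; it is needed for the UserContent insert.
                // If several rows match, the last one wins (unchanged behaviour).
                $movId = null;
                $stid = oci_parse($connect, 'SELECT MOVID FROM MOVIES WHERE MOVTITLE = :p_title');
                if($stid)
                {
                    oci_bind_by_name($stid, ':p_title', $addFavorite);
                    if(oci_execute($stid))
                    {
                        while($row = oci_fetch_array($stid))
                        {
                            $movId = $row[0];
                        }
                    }
                }

                if($movId === null || $movId === '')
                {
                    $message = "\"" . htmlspecialchars($addFavorite, ENT_QUOTES) . "\" was not found.  You may add it by following the \"Add Movie\" link on the right.<br />";
                }
                else
                {
                    // Bind names are prefixed with p_ so none of them collides with an
                    // Oracle reserved word (":comment" would be rejected).
                    $r = false;
                    $stid = oci_parse($connect, "INSERT INTO UserContent VALUES (:p_user, :p_movie, DEFAULT, '3', SYSDATE, :p_rating, :p_text)");
                    if($stid)
                    {
                        oci_bind_by_name($stid, ':p_user', $userId);
                        oci_bind_by_name($stid, ':p_movie', $movId);
                        oci_bind_by_name($stid, ':p_rating', $rating);
                        oci_bind_by_name($stid, ':p_text', $comment);
                        $r = oci_execute($stid);
                    }

                    if (!$r)
                    {
                        // For oci_execute errors pass the statement handle.
                        $e = oci_error($stid ? $stid : $connect);
                        error_log('myfavorites.php: add favorite failed: ' . ($e ? $e['message'] : 'unknown OCI error'));
                        $message = "There was an error while adding this movie to your favorites.";
                    }
                    else
                    {
                        // oci_commit() needs the connection handle; the original call passed none.
                        oci_commit($connect);
                        $message = "The movie has been added to your favorites.<br />";
                    }
                }
            }
        }
        else if(isset($_POST['remove']))
        {
            // Title to remove plus its confirmation; only strings are accepted.
            $removeFavorite = (isset($_POST['removeFavorite']) && is_string($_POST['removeFavorite'])) ? $_POST['removeFavorite'] : '';
            $confirmRemove = (isset($_POST['confirmRemove']) && is_string($_POST['confirmRemove'])) ? $_POST['confirmRemove'] : '';

            // Error check the inputs: both fields must match exactly and must not be empty.
            if($removeFavorite !== $confirmRemove)
            {
                $message = "The movie title to remove was not confirmed correctly.<br />";
            }
            else if($removeFavorite === '')
            {
                $message = "You must enter a title to remove.<br />";
            }
            else
            {
                $userId = isset($_SESSION['userid']) ? $_SESSION['userid'] : null;

                // Look up the movie id for the title; it is needed for the UserContent delete.
                $movId = null;
                $stid = oci_parse($connect, 'SELECT MOVID FROM MOVIES WHERE MOVTITLE = :p_title');
                if($stid)
                {
                    oci_bind_by_name($stid, ':p_title', $removeFavorite);
                    if(oci_execute($stid))
                    {
                        while($row = oci_fetch_array($stid))
                        {
                            $movId = $row[0];
                        }
                    }
                }

                if($movId === null || $movId === '')
                {
                    $message = "\"" . htmlspecialchars($removeFavorite, ENT_QUOTES) . "\" was not found.<br />";
                }
                else
                {
                    // The delete is scoped to the signed-in user's id, so a user can
                    // only remove favorites (CONTENTTYPE 3) of their own.
                    $r = false;
                    $stid = oci_parse($connect, 'DELETE FROM UserContent WHERE MOVID = :p_movie AND USERID = :p_user AND CONTENTTYPE = 3');
                    if($stid)
                    {
                        oci_bind_by_name($stid, ':p_movie', $movId);
                        oci_bind_by_name($stid, ':p_user', $userId);
                        $r = oci_execute($stid);
                    }

                    if (!$r)
                    {
                        // For oci_execute errors pass the statement handle.
                        $e = oci_error($stid ? $stid : $connect);
                        error_log('myfavorites.php: remove favorite failed: ' . ($e ? $e['message'] : 'unknown OCI error'));
                        $message = "There was an error while removing your favorite.";
                    }
                    else
                    {
                        // oci_commit() needs the connection handle; the original call passed none.
                        oci_commit($connect);
                        $message = "\"" . htmlspecialchars($removeFavorite, ENT_QUOTES) . "\" has been removed from your favorites.<br />";
                    }
                }
            }
        }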

	// Extra <head> markup and the page title, both assigned before header.php is
	// included (presumably header.php reads them; confirm there).
	// NOTE(review): jquery-1.4.2 is a long-unsupported release that predates
	// several published XSS fixes in jQuery; plan an upgrade of this vendored copy.
	$optionalcss = 
    '<script type="text/javascript" src="jquery-1.4.2.min.js"></script>
<script type="text/javascript" src="coin-slider.min.js"></script>
<link rel="stylesheet" href="coin-slider-styles.css" type="text/css" />';
	$title = 'My Favorites';

	include 'header.php';

?>
	
<!-- start content -->
	<div id="content">	
		<div class="post">
                        <h1 class="title"><a href="#">My Favorite Movies</a></h1><br />   
                        
				<font color='red'><?php echo $message; ?></font>
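		<?php
			// Render the signed-in user's favorites (CONTENTTYPE '3') as a table
			// with two entries per row.
			//
			// Security notes:
			//  * The user id is bound, not interpolated into the SQL text.
			//  * Every database value is HTML-escaped before output. Titles and
			//    comments are user-supplied, so echoing them raw is stored XSS.
			//  * Oracle error text and the failing SQL are written to the server
			//    log instead of the page.
			$userId = isset($_SESSION['userid']) ? $_SESSION['userid'] : null;

			//build query
			$query = "SELECT CREATEDATE, RATING, TEXT, MOVTITLE, IMGCOVER FROM UserContent INNER JOIN Movies ON UserContent.MOVID = MOVIES.MOVID WHERE USERCONTENT.USERID = :p_user AND CONTENTTYPE = '3'";

			//Prepare and execute query
			$stid = oci_parse($connect, $query);
			$r = false;
			if ($stid)
			{
				oci_bind_by_name($stid, ':p_user', $userId);
				$r = oci_execute($stid);
			}

			if (!$r)
			{
				// For oci_execute errors pass the statement handle.
				$e = oci_error($stid ? $stid : $connect);
				error_log('myfavorites.php: favorites query failed: ' . ($e ? $e['message'] : 'unknown OCI error'));
				echo "<p>Your favorites could not be loaded right now.</p>";
			}

			//Display results
			$count = 0;
			echo "<table width='90%' style='text-align:top'><tr>";
			// Fetch only when the query ran; OCI_ASSOC omits NULL columns, hence the isset() guards.
			while($r && ($row = oci_fetch_array($stid, OCI_ASSOC)))
			{
				//pull info from database, escaped for HTML text and single-quoted attributes
				$createDate = isset($row['CREATEDATE']) ? htmlspecialchars($row['CREATEDATE'], ENT_QUOTES) : '';
				$rating = isset($row['RATING']) ? htmlspecialchars($row['RATING'], ENT_QUOTES) : '';
				$text = isset($row['TEXT']) ? htmlspecialchars($row['TEXT'], ENT_QUOTES) : '';
				$movtitle = isset($row['MOVTITLE']) ? htmlspecialchars($row['MOVTITLE'], ENT_QUOTES) : '';
				$imgcover = isset($row['IMGCOVER']) ? htmlspecialchars($row['IMGCOVER'], ENT_QUOTES) : '';
				// The title also travels as a query-string value, which needs URL encoding instead.
				$movieParam = isset($row['MOVTITLE']) ? urlencode($row['MOVTITLE']) : '';

				//echo info into a table
				echo "<td class='mresults' style='vertical-align: bottom; padding:20px'>
					<a href='movies.php?movie=$movieParam'><img src='content/covers/$imgcover' width='150' height='200' alt='$imgcover'><br /></a>
					<b>Movie Title:</b><br /> $movtitle<br />
					<b>Create Date:</b><br /> $createDate<br />
					<b>Rating:</b><br /> $rating <br />
					<b>Comments:</b><br /> $text
				      </td>";
				$count++;

				// start a new table row after every second entry
				if($count==2)
				{
					echo "</tr><tr>";
					$count = 0;
				}

			}

			echo "</tr></table>";

		?>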
			
		</div>
 		
		<div class="post">
			<div class="entry">
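<?php
			// Values used to pre-fill the "Add A Favorite" form. The inputs below echo
			// these variables straight into single-quoted value attributes, so they are
			// HTML-escaped here (ENT_QUOTES covers the single quote). A missing session
			// key yields an empty string instead of an undefined-index notice.
			// NOTE(review): $title was the page title until this point; if footer.php
			// reads $title it now receives the session value, as it did before this change.
			$title = isset($_SESSION['title']) ? htmlspecialchars($_SESSION['title'], ENT_QUOTES) : '';
			$comment = isset($_SESSION['comment']) ? htmlspecialchars($_SESSION['comment'], ENT_QUOTES) : '';
			$rating = isset($_SESSION['rating']) ? htmlspecialchars($_SESSION['rating'], ENT_QUOTES) : '';
?>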
                        <table width='90%'><tr>
			<td style='vertical-align:top'>
				<h1><a href="#">Add A Favorite</a></h1>
					<form name='addFavorite' method='post' action='myfavorites.php'>
                        		Movie Title:<br />
					<input type='text' name='addFavorite' value='<?php echo $title; ?>'/><br />
					User Rating (1-5):<br />
					<input type='text' name='rating' value='<?php echo $rating; ?>'/><br />
					User Comment:<br />
					<input type='text' name='comment' value='<?php echo $comment; ?>'/><br /><br />
					<input type='submit' value='Add Favorite' name='submit'>
					</form>
			</td>
			<td style='vertical-align:top'>
                                <h1><a href="#">Remove A Favorite</a></h1>
                                        <form name='removeFavorite' method='post' action='myfavorites.php'>
                                        Movie Title:<br />
                                        <input type='text' name='removeFavorite' /><br />
                                        Confirm Title:<br />
                                        <input type='text' name='confirmRemove' /><br /><br /><br /><br />
                                        <input type='submit' value='Remove Favorite' name='remove'>
                                        </form>
			</td>
			</tr></table>
                        </div>
                </div>
	</div>		
	
<!-- end content -->

<?php
	// Shared page footer.
	include 'footer.php';
?>
